PT-2021-10353 · Pdf2Json · Pdf2Json

Strongcourage

·

Published

2021-07-21

·

Updated

2021-07-29

·

CVE-2020-19468

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: PDF2JSON version 0.70
Description: The issue is related to a null pointer dereference in the EmbedStream::getChar function, allowing attackers to cause a Denial of Service due to an invalid read of size 8. This occurs in the EmbedStream::getChar function.
Recommendations: For PDF2JSON version 0.70, consider disabling the EmbedStream::getChar function as a temporary workaround until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2020-19468

Affected Products

Pdf2Json